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APPELLANT>S BRIEF ON APPEAL UNDER 37 C 641^7 

Sir; 

This Appeal Brief is filed pursuant to the "Notice of Appeal to the Board of Patent 
Appeals and Interferences" mailed April 24, 2006. 

Real Party In Interest 
The real party in interest is assignee International Business Machines Corporation, 
Armonk, New York. 

Related Appeals and Interferences 
Appellant is aware of no appeals or interferences that would be affected by the present 


Status of Claims 

Appellant appeals the final rejection of Claims 1«14, which as of the filing date of this 
Brief remain under consideration. The attached Appendix A presents the claims at issue as 
finally rejected in the Final Office Action of January 24, 2006 (hereinafter "Final Office 
Action") and the Advisory Action of April 12, 2006 (hereinafter "Advisory Action"). 
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Status of Amendments 
The attached Appendix A presents the pending claims and each of the pending claims 
corresponding status. All amendments in the present case have been entered. 

Summary of the Claimed Sab ject Matter 

The present application includes Independent Claims 1,13, and 14. The cJaims are 
method, system and computer program product claims. Claim 1 is directed to methods for 
authentication of a user by an authenticating entity. Such methods may be provided by the 
authenticating entity sending a challenge to a user. See Specification, page 10, lines 14-16 
and Figure 3 O^lock 310). The user adds a spoiler to the challenge. iS^e Specification, page 
10, lines 17-19 and Figure 3 (block 314). The user encrypts the combined spoijer and 
challenge using a private key of an asymmetric key pair. See Specification, page 10, lines 
19-22 and Figure 3 O^lock 316). The user sends a response to the authenticating entity in the 
fomi of the encrypted combined spoiler and challenge. See Specification, page 10, lines 23- 
24 and Figure 3 (block 318). 

Independent Claim 13 is directed to a system for authentication of a user. The system 
includes a first application and an authenticating second application. Structure corresponding 
to the means recitations found in Claim 13 is provided, inter alia, by a processor for carrying 
out the functions of instmctions loaded into a system. See Specification, page 14, lines 5-8 
and Figures 3 and 4, Thus, structure corresponding to the "the authenticating second 
application having means for sending a challenge to the first application" is provided, inter 
alia, by a processor, for example Ae processor used to perfomi the flmction of block 310 of 
Figure 3. See Specification, page 1 0, lines 14-16 and Figure 3 (block 310). Structure 
corresponding to the *'the first application having means for adding a spoiler to the challenge 
and means for encrypting the combined spoiler and challenge with a private key of an 
asymmetric key pair" is provided, inter alia, by a processor, for example the processor used to 
perform the fimction of blocks 314 and 316 of Figure 3. See Specification, page 10, lines 17- 
22 and Figure 3 (blocks 3 14 and 316). Structure corresponding to the *'means for sending the 
encrypted combined spoiler and challenge firom the first application to the authenticating 
second application" is provided, inter alia, by a processor, for example the processor used to 
perform the fimction of block 318 of Figure 3. See Specification, page 10, lines 23-24 and 
Figure 3 (block 318). 
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Independent Claim 14 is directed to a computer program product corresponding to 
Claim 1. 

Claim 2 is directed to aspects of the invention where the authenticating entity decrypts 
the encrypted combined spoiler and challenge using the public key of the asymmetric key 
pair and determines if the user has been authenticated. See Specificatioxi, page 10, lines 28- 
30 and Figure 3 (block 322). 

Claim 3 is directed to aspects of the invention where the spoiler is added by applying 
a spoiler function to the challenge. See Specification, page 1 1, lines 24-27 and Figure 4 
05lock414), 

Claim 4 is directed to aspects of the invention that send the form of the spoiler 
function to the authenticating entity. See Specification, page 12, lines 1-5 and Figure 4 
(block 420). 

Claim 5 is directed to aspects of the invention where the spoiler is added to the 
challenge as a prefix or a suffix and the authenticating entity extracts the challenge by 
counting the number of bytes from the beginning or end of the combined spoiler and 
challenge. See Specification, page 11, lines 7-13 and Figure 3 (block 326). 

Claim 6 is directed to aspects of the invention where the user obtains a digest of the 
combined spoiler and challenge before the step of encrypting. See Specification, page 1 1 , 
lines 24-27 and Figure 4 (block 416). 

Claim 7 is directed to aspects of the invention where the user obtains the digest by 
allying a hash junction to the combined spoiler and challenge. See Specification, page 1 1, 
lines 24-27 and Figure 4 (block 416). 

Claim 8 is directed to aspects of the invention where the user sends details of the 
spoiler and the method of obtaining the digest to the authenticating entity. See Specification, 
page 12, lines 1-5 and Figure 4 (block 420). 

Claim 9 is directed to aspects of the invention where the user sends details of the 
algorithm used for encryption to the authenticating entity. See Specification, page 12, lines 
1-5 and Figure 4 (block 422). 

Claim 10 is directed to aspects of the invention where the authenticating entity obtains 
a digest of the combined spoiler and the original challenge that the authenticating entity sent 
to the user and compares the digest to a digest obtained by decrypting the response jfirom the 
user. See Specification, page 12, lines 5-'20 and Figure 4 (blocks 414, 430, and 432). 
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Claim 1 1 is directed to aspects of the invention where the challenge is a bit sequence. 
See Specification, page 10, lines 13-14 and Figure 3 (block 310). 

Claim 12 is directed to aspects of the invention where the spoiler is an additional bit 
sequence. See Specification, page 1 1, lines 7-13 and Figure 3 (block 314). 

Grounds of Rejection to Be Reviewed on App eal 

1 . Claims 1-5 and 1 \AA stand rejected under 35 US.C. § 103(a) as being 
unpatentable over United States Application Publication No. 2002/0034301 to Andersson 
(hereinafter "Andersson") in view of United States Application Publication No. 
2004/0202328 to Hara (hereinafter "Kara")- 

2. Claims 6-8 and 10 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Andersson in view of Hara, and further in view of United States Patent No. 
6,072,875 to Tsudik (hereinafter "Tsudik"). 

Argument 

L Introdttction 

The pending claims are rejected as obvious under 35 U.S.C § 103. To establish a 
prima facie case of obviousness, the prior art reference or references when combined must 
teach or suggest all the recitations of the claims, and there must be some suggestion or 
motivation, either in the references themselves or in the knowledge generally available to one 
of ordinary skill in the ait, to modify the reference or to combine reference teachings. 
M-P.E.P. §2143. The mere fact that references can be combined or modified does not render 
the resultant combination obvious imless the prior art also suggests the desirability of the 
combination. M.P.E.P, §2143.01, citing /« re Mills, 916 F.2d 680, 16 U.S.P-Q.2d 1430 (Fed. 
Cir. 1990). As emphasized by the Court of Appeals for the Federal Circuit, to support 
combining references, evidence of a suggestion, teaching, or motivation to combine must be 
clear and particular, and this requirement for clear and particular evidence is not met by 
broad and conclusory statements about the teachings of references. In re Dembiczak, 50 
U.S.P.Q.2d 1614, 1617 (Fed. Cir. 1999). The Court of Appeals for the Federal Circuit has 
further stated that, to support combining or modifying references, there must be particular 
evidence firom the prior art as to the reason the skilled artisan, with no knowledge of the 
claimed invention, would have selected these components for combination in the manner 
claimed. In reKotzab, 55 U.S.P.Q.2d 1313, 1317 (Fed. Cir. 2000). 
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Appellant respectfully submits that the pending claims are patentable over the cited 
references because the cited references fail to disclose or suggest the recitations of the 
pending claims. 

ni The Section 103 Reiecrion 

A. The Rejection of Independent Claims 1, 13 and 14 

As stated above, Independent Claims 1,13 and 14 stand rejected under 35 U.S.C. § 

103 as being impatentable over Andersson in view of Hara, Appellant respectfully submits 

that many of the recitations of these claims are neither disclosed nor suggested by the cited 

references. For example. Claim 1 recites: 

A method for authentication of a user by an authenticating entity comprising 
the steps of: 

the authenticating entity sending a challenge to the user; 
the aser adding a spoiler to the challenge; 

the user encrypting the combined spoiler and challenge using a private 
key of an asymmetric key pair; 

the user sending a response to the authenticating entity in the form of the 
encrypted combined spoiler and challenge. 

Claims 13 and 14 contain corresponding system and computer program product claims, 
respectively. Appellant submits that at least the highlighted portions of, for example. Claim 
1, are neither disclosed nor suggested by Andersson in view of Hara. 

The Final Office Action states that Andersson teaches all the recitations of Claim 1 
except for "adding a spoiler to the challenge and encrypting the combined spoiler and 
challenge." See Final Office Action, page 4. However, the Final Office Action points to Hara 
as providing the missing teachings. See Final Office Action, page 4. Appellant respectfully 
disagrees. In particular, the cited portion of Andersson discusses a conventional encryption 
system that includes sending a challenge to the requesting party. See Andersson, page 3, 
paragr^h 40, In fact, this type of conventional encryptiot^ system is discussed in the 
Background of the present application. See Figure 2 and corresponding text. Appellant docs 
not dispute that the use of a challenge as discussed in Andersson is known. However, Claim 
1 recites " adding a spoiler to the challenge; encrypting the combined spoiler and challenge 
using a private key of an asymmetric key pair and sending a response to the authenticating 
entity in the form of the encrypted combined spoiler and challenge . Nothing in 
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Andersson discloses or suggests at least these recitations of Claim 1. Furthermore, Hara does 
not provide the missing teachings. 

In particular, the cited portion of Hara states: 

[0083] As shown in FIG. 7B, the data transmitter 2 performs data encapsulation in 
accordance with the first protocol first by padding the IP datagram (i.e., adding a 
padding part 1021 to make the length of the data part an integer multiple of 64 
bits. For example, a padding part of 0 to 63 bits is suffixed to the IP datagram 101. 
All bits in the paddi ng part are "1" each. The padding is intended to keep the 
datagram to a predeterm ined data length because the data part is better suited 
for encryption when i ts length is an integer multiple of 64 bks . The data part 
placed in the format of the first protocol is called a section hereimden 

[0084] The section supplemented with the padding 102 is then encrypted by the data 
transmitter 2 as shown in FIG. 7C. Encryption is caiiicd out by use of encryption 
keys. The encryption keys are session keys (described later) used to encrypt 
information to be sent to the data receiver 3. The encryption method adopted here is a 
block encryption method based on the corrmion key cryptosystem such as the Triple- 
DES. The Triple-DES encryption is one of today's strongest public key cryptosystems 
and is easy to implement for high-speed encryption on a hardware basis. This 
encryption process, unlike that of most public key crypto^tems» is fast enough to 
keep up with transmission at rates of as high as 30 Mbps. 

See Hara, paragraphs 83 and 84 (emphasis added). The cited portion of Hara discusses filhpg 

in bits in an P datagram with "I's" so as to create a 64 bit datagram, which is better suited for 

encryption. Thus, Hara basically discusses adding place hold^ in the IP datagram. Nothing 

in Hara discusses the addition of a "spoiler" as recited in Claim 1. In fact, the addition of Ts 

discussed in Hara would not provide any added level of security as a "spoiler" that is always 

all Ts is easy to figure out. Accordingly, Hara does not provide the missing teachings. 

In response to Appellant's arguments presented above, the Final OfTice Action states: 

The Appellant defines a spoiler in page 8 of the specification as "befing] added to the 
challenge as a prefix or a suffix and the authenticating entity extracts the challenge by 
counting the number of bytes from the beginning or end of the combined spoiler and 
challenge," Hara discloses adding padding to data and then encrypting the data along 
with padding the data, because the data is then better suited for encryption (see 
paragraphs [0083] and [0084]). 

See Final Office Action, page 2. First, the cited portion of Appellant's specification is not the 
definition of a spoiler as used therein. The cited portion of Appellant's specification is found 
in the Summary of the Invention, and discusses features of some embodiments of the present 
invention. The spoiler according to some embodiments of the present invention is added to a 
challenge to enhance the authentication of a user, thus, providing more security to the users 


PAGE 8/19 ' RCVD AT 6/14/2006 1 2:07:42 PM [Eastern Daylight Time] ' SVR:USPTO-EFXRF-1/20 ' DNIS:273g300 ' CSID:919 854 1401 ' DURATION (fnm^s):05-38 


JUN. 14. '2006 1 2:09PM 919-854-1401 MBS&S' 


NO. 0064~^P. 9/1 


In re: John Owlett 
Serial No.: 10/081,500 
Filed: Febniary 22, 2002 
Page 7 of 17 

of the system. Appellant does not see how "adding padding to data", adding a bunch of 
I's to the IP datagram* to create a 64 bit datagram, which is easier to encrypt, teaches a 
spoiler as recited in the claims of the present application. Nothing in Appellant's 
specification even suggests the addition of bits simply to normalize the encryption process. 
In fact, as discussed above, the addition of I's discussed in Hara would not provide the added 
level of security provided by a "spoiler" according to some embodiments of the present 
invention, as the padding is always all Ts and, therefore, easy to figure out Accordingly, 
Appellant submits that the cited combination does not teach adding a spoiler to the challenge 
as recited in the claims of the present invention for at least these additional reasons. 

In addition to the reasons set forth above for reversing the obviousness rejections, 
there is also no proper motivation to combine the cited references in the manner suggested in 
the Final Office Action, Responsive to Appellant's arguments in their Amendment of March 
1 5, 2004, the Final Office Action cites In re MacLaughlin, which is a Court of Customs and 
Patent Appeals case from 1971. More recent case law of the Court of Appeals for Ae Federal 
Circuit makes clear that this does not imply that sweeping, conclusory inferences drawn from 
multiple references meet the requirements for support of a rejection under § 103. In 
particular, to support combining references, evidence of a suggestion, teaching, or motivation 
to combine must be clMr and particular^ and this requirement for clear and particular 
evidence is not met by broad and conclusory statemrats about the teachings of referraces. 
See, e.g., In reDembiczak, 50U.S.P.Q.2d 1614, 1617 (Fed, Cir. 1999). The Final Office 
Action does not point to any portion of the cited references as providing a motivation to 
combine the references. Each of the cited references include different uses of challenges, 
padding bits, and the like, atid a § 103 rejection may not be supported simply by throwing 
these disparate airangements of teachings together in an ad hoc fashion, as these proposed 
changes would fundamentally change the functionalities of the inventions described in the 
cited references. For example, the Final Office Action combines three references to allegedly 
teach the recitations of Claims 6-8 and 10. The more references that need to be combined to 
allegedly teach the recitations of particular claims, the less obvious the combination becomes. 
A person of skill in the art would not be motivated to combine these references without using 
Appellant's disclosure as a road map. Thus, it appears that the Final Office Action gains its 
impetus or suggestion to modify the cited reference by hmdsight reasonmg informed by 
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Appellant's disclosure, which, as noted above, is an inappropriate basis for combining 
references. 

Responsive to Appellant's arguments that there is no suggestion to combine the 
references, the Final Office Action states: 

In this case, the references provide a teaching, suggestion and motivation for 
combining the references. As disclose in Hara, in particular paragraph [0084], adding 
padding makes the data to be encrypted better suited for encryption. 

See Final Office Action, pages 2-3. As discussed above, the "spoiler" as recited in the claims 
of the present application does not just *'pad" the data to simplify the encryption process. 
Accordingly, this teaching of Hara would not provide a motivation to combine the references 
as suggested in the Final Office Action. Furthermore, the Final Office Action misinterprets 
the cited portion of Hara. Nothing in the cited portion of Hara states that the padding makes 
the encryption "stronger", only that a length of 64 bits is •T)etter suited" for encryption, i.e., 
easier to encrypt as it is a more standard length. Again, as discussed above, adding all Ts is 
not going to strengthen the encryption as much as "spoiler", as it would be easy to predict. 
Furthermore, even if Andersson and Hara could be properly combined, the combination of 
Andersson and Hara would not teach the recitations of the pending claims for at least the 
reasons discussed above. 

The Final Office Action further misinterprets Appellant's arguments as the Final 
Office Action states that Appellant argued that *'the question of motivation to add padding is 
based on subjective belief and unknown authority." See Final Office Action, page 3. In fact. 
Appellant's argument is that the motivation to combine the refiarences is not found within the 
references themselves or the art and, thus, the motivation to combine must be found in 
Appellant's disclosure, which is improper. Furthermore, even if the teaching of padding 
found in Hara were combined with the teachings of Andersson, the combination docs not 
teach the recitations of the claims of the present application. 

Finally, the Final Office Action states that "it must be recognized that any judgment 
on obviousness is in a sense necessarily a reconstruction based on hindsight reasoning." See 
Final Office Action, page 3. Appellant agrees. However, as affirmed by the Court of 
Appeals for the Federal Circuit in In re Sang-su Lee in a much more recent decision, "[i]t is 
improper, in determining whether a person of ordinary skill would have been led to this 
combination of references, simply to [use] that which the inventor taught against its teacher." 
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Thus, the motivation must come 6x>m outside the four comers of the application. The Office 
must point to some teaching in the art or dted references that would motivate a person of 
skill to combine the references as suggested. The Final Office Action docs not point to such 
a teaching. In particular. Andersson discusses network authentication that uses a 
conventional challenge responsive to a request. See Andersson, page 3, paragraph 40. Hara, 
on the other hand, discusses a data transmission method including encryption where the 
header is padded with I's to create a 64 bit block that may be well suited for encryption. See 
Hara, paragraphs 83 and 84. A skilled artisan would not be motivated to combine these 
references without using the teachings of Appellant's disclosure as a guide. 

Accordingly, Appellant respectfully submits that Independent Claims 1, 13 and 14 
are patentable over the cited combination for at least these additional reasons. Furthermore, 
the dependent claims are patentable at least per the patent^ility of independent Claim 1 from 
which they depend. Accordingly, Appellant submits that independent Claims 1,13 and 14 
and the claims that depend therefrom are in condition for allowance, which is respectfiilly 
requested in due course. For at least these reasons. Appellant requests that the rejection of 
Claims 1-14 be reversed. 

B. Many of th e Dependent Claims are Separately Patentable 

As Stated above. Claims 2-5 and 1 1-12 stand rejected under 35 U.S.C. § 1 03(a) as 

being unpatentable over Andersson in view of Hara. Many of the dqjendent claims are 

separately patentable over the cited combination. 

1. Claim 2 Is Se parately Patentable 

For example. Claim 2 recites: 

A method as claimed in claim 1> wherein the method includes the 
authenticating entity decrypting the encrypted combined spoiler and challenge using 
the public key of the asymmetric key pair and detennining if the user has been 
authenticated. 

As discussed above, nothing in Andersson or Hara discloses or suggests a combined spoiler 
and challenge as recited in the claims of the present application. Accordingly, it follows that 
nothing in the cited references discloses or suggests encryption of the combined spoiler and 
challenge as recited in Claim 2. Accordingly, Claim 2 is separately patentable over the cited 
references for at least these additional reasons. For at least these reasons, Appellant requests 
that the rejection of Claim 2 be reversed. 
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2. Claims 3-5 are Separately Patentable 

Claims 3 through 5 recite details of the spoiler. As discussed above, nothing in the 
cited references discloses or suggests a spoiler as recited in the claims of the present 
application. Accordingly, it follows that nothing in the cited references discloses or suggests 
details with respect to the spoiler as recited in Claims 3-5. Accordingly, Claims 3-5 are 
separately patentable over the cited references for at least these additional reasons. For at 
least these reasons, Appellant requests that the rejection of Claims 3-5 be reversed. 
3' Claims 6- 8 and 10 are Separately Patentable 

As stated above, Claims 6-8 and 10 stand rejected under 35 U.S.C, § 103(a) as being 
unpatentable over Andersson in view of Hara, and further in view of Tsudik. 

The Final Office Action admits that the combination of Andeisson and Hara do not 

disclose or suggest the recitations of Claims 6-8 and 10. See Final Office Action, page 6. 

However, the Final Office Action points to Tsudik as providing the missing teachings. See 

Final Office Action, pages 6-7. Appellant respectfully disagrees. Claims 6-8 and 10 contain 

details of obtaining a digest according to some embodiments of the present invention. In 

particular. Claim 6 recites "obtaining a digest of the combined spoiler and challenge before 

the step of encrypting/' The cited portion of Tsudik states: 

Communication between mobile users of and in a computer network is subject 
to a variety of security issues; user identification and user tracking are two 
particularly important ones. This invention provides a method and an apparatus for 
securely identifying a mobile user while avoiding trackability of his/her movements, 
i.e. it provides a way for a secure user identification in secrecy. The gist is to encrypt 
the user's identifier, and/or his/her password* and a synchronization indication, 
preferably a fixed time interval, under a secret one-way function and sending the 
encrypted message, herein called "dynamic user identifier", to the user's "home 
authority" where he/she is registered. The home authority con^rises correspondence 
tables listing, pre-computed for every time interval (or another chosen 
synchronization), the dynamic user identifiers and the corresponding true identity of 
the user and can thus quickly decide whether the received encrypted message 
originates fi:om a registered user. On the other hand, an intruder is neither able to 
detect fix)m the encrypted messages the identity of the usrar nor can he/she track a 
user's moves. 

See Tsudik, column 3, line 59 to column 4, line 1 1 . Nothing in the cited portion of Tsudik 
discloses or suggests the digest recitations of Claims 6-8 and 10. Accordingly, Claims 6-8 
and 10 are separately patentable over the cited combination for at least these additional 
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reasons. For at least these reasons. Appellant requests that the rejection of Claims 6-S and 10 
be reversed. 

4. Claim 9 is Separately Patentable 
Although the Final Office Action does not specifically reject claim 9 under 35 U.S.C. 
§ 103(a), the Final Office Action does state that "Tsudik teaches wherein the user sends 
details of the algorithm used for encryption to the authenticating entity (column 5, lines 27- 
48)." See Final Office Action, p. 7. The Final Office Action further states that "[i]t would 
have been obvious to one of ordinary skill in the art at the time of the invention was made to 
send details of the encryption to be used by mobile users, since Tsudik states at column 4, 
lines 12-21 that such modijScation would allow for mobile users while minimizing the 
traceability and possibility of identi jEying the mobile user." See Final Office Action, page 7, 
Appellant respectfully disagrees. Claim 9 recites "wherein the user sends details of the 
algorithm used for encryption to the authenticating entity." The cited portions of Tsudik do 
not disclose or suggest the algorithm recitations of Claim 9. Accordingly, Claim 9 is 
separately patentable over the cited combination for at least these additional reasons. For at 
least these reasons. Appellant requests that the apparent rejection of Claim 9 be reversed. 

For at least the foregoing reasons. Appellant respectfully submits that many of the 
dependent claims are also separately patentable over the cited references. Accordingly, 
Appellant respectfiilly requests reversal of the rejections with respect to the depend^t claims 
for at least these additional reasons. 
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UL Conclusion 

In light of the above. Appellant requests reversal of the rejections of the claims, 
allowance of the claims and passing of the application to issue. 

It is not believed that an extension of time and/or additional fee(5) are required, 
beyond those that may otherwise be provided for in documents accompanying this paper. In 
the event, however, that an extension of time is necessary to allow consideration of this 
paper, such an extension is hereby petitioned for under 37 C.RR. §1.1 36(a). Any additional 
fees believed to be due in connection with this p^er may be charged to Dq)osit Account No. 
09-0657. 
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APPENDIX A 

1 . (Original) A method for authentication of a user by an authenticating entity 
comprising the steps of: 

the authenticating entity sending a challenge to the user; 
the user adding a spoiler to the challenge; 

the user encrypting the combined spoiler and challenge using a private key of an 
asymmetric key pair; 

the user sending a response to the authenticating entity in the foini of the encrypted 
combined spoiler and challenge. 

2. (Original) A method as claimed in claim 1, wherein the method includes the 
auth^ticating entity decrypting the «icrypted combined spoiler and challenge using the 
public key of the asymmetric key pair and detennining if the user has been authenticated, 

3. (Original) A method as claimed in claim 1 , wherein the addition of a spoiler to 
the challenge is carried out by applying a spoiler function to the challenge. 

4. (Original) A method as claimed in claim 3, wherein the form of the spoiler 
fimction is sent to the authenticating entity. 

5. (Original) A method as claimed in claim 1, wherein the spoiler is added to the 
challenge as a prefix or a suffix and the auth«iticating entity extracts the challenge by 
counting the number of bytes from the beginning or end of the combined spoiler and 
challenge. 

6. (Original) A method as claimed in claim 1, wherein the method includes the 
user obtaining a digest of the combined spoiler and challenge before the step of encrypting. 

7. (Original) A method as claimed in claim 6, wherein the user obtains the digest 
by g4)plying a hash function to the combined spoiler and challenge. 
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8. (Original) A method as claimed in claim 6> wherein the user sends details of 
the spoiler and the method of obtaining the digest to the authenticating entity. 

9. (Original) A method as claimed in claim 1, wherein the user sends details of 
the algorithm used for encryption to the authenticating entity. 

10. (Original) A method as claimed in claim 8, wherein the authenticating entity 
obtains a digest of the combined spoiler and the original challenge that the authenticating 
entity sent to the user and compares the digest to a digest obtained by decrypting the response 
from the user. 

1 1 . (Original) A method as claimed in claim 1 , wherein the challenge is a bit 
sequence. 

12. (Original) A method as claimed in claim 1, wherein the spoiler is an additional 
bit sequence. 

13. (Original) A system for authentication of a user comprising a first ^plication 
and an authenticating second application, 

the authenticating second application having means for sending a challenge to the first 
application, 

the first application having means for adding a spoiler to the challenge and means for 
encrypting the combined spoiler and challenge with a private key of an asymmetric key pair, 
and 

means for sending the encrypted combined spoiler and challenge from the fu^t 
application to the authenticating second application. 

14. (Original) A computer program product stored on a computer readable storage 
medium for authentication of a user by an authenticating entity, comprising computer 
readable program code means for pcrfonning the steps of: 

the authenticating entity sending a challenge to the user; 
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the user adding a spoiler to the challenge; 

the user encrypting the combined spoiler and challenge using a private key of an 

asymmetric key pair; 

the user sending a response to the authenticating entity in the form of the encrypted 
combined spoiler and challenge. 
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APPENDIX B - EVIDENCE APPENDIX 
(NONE) 
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APPENDIX C - RELATED PROCEEDINGS 
(NONE) 
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